===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/innovations.html,v
retrieving revision 1.116
retrieving revision 1.117
diff -u -r1.116 -r1.117
--- www/innovations.html	2024/02/12 05:39:58	1.116
+++ www/innovations.html	2024/04/02 08:45:41	1.117
@@ -202,8 +202,11 @@
 	system-calls can no longer be performed from PROT_WRITE memory.
 	Theo de Raadt, June 2, 2019.
     <li>System calls may only be performed from selected code regions
-        (main program, ld.so, libc.so, and sigtramp).
-	Theo de Raadt, November 28, 2019.
+        (main program, ld.so, libc.so, and sigtramp).  The libc.so region
+	is setup by <a href="https://man.openbsd.org/msyscall.2">msyscall(2)</a>.
+	Theo de Raadt, November 28, 2019.<br>
+	This mechanism was removed because later work on immutable memory +
+	pinned system calls was even better.
     <li>Permissions (RWX, MAP_STACK, etc) on address space regions can be
 	made immutable, so that <a href="https://man.openbsd.org/mmap.2">mmap(2)</a>,
 	<a href="https://man.openbsd.org/mprotect.2">mprotect(2)</a> or
@@ -259,6 +262,9 @@
         to tell the kernel the precise entry location of system calls in libc.so.
 	Since all syscall entries are now known to the kernel, the
 	pininsyscall(SYS_execve) interface becomes redundant.
+        <a href="https://man.openbsd.org/msyscall.2">msyscall(2)</a> mechanism
+	also becomes redundant (and is removed a bit later), because immutable
+	memory + pinsyscalls together are cheaper and more effective targetting.
 	Theo de Raadt, Jan 2024.
 </ul>